19 matches found
CVE-2021-47791
SmartFTP Client 10.0.2909.0 contains multiple denial of service vulnerabilities that allow attackers to crash the application through specific input manipulation. Attackers can trigger crashes by entering malformed paths, using invalid IP addresses, or clearing connection history in the client's...
CVE-2021-47791
Summary: CVE-2021-47791 affects SmartFTP Client 10.0.2909.0. According to connected sources, the product is vulnerable to multiple denial-of-service conditions triggered by specially crafted input, including malformed paths, invalid IP addresses, or clearing the connection history in the client i...
EUVD-2020-4314
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-11997
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Guacamole 1.2.0 and earlier do not consistently restrict access to connection history based on user visibility. If multiple users share access to the sam...
BIT-GUACAMOLE-2020-11997
Apache Guacamole 1.2.0 and earlier do not consistently restrict access to connection history based on user visibility. If multiple users share access to the same connection, those users may be able to see which other users have accessed that connection, as well as the IP addresses from which that...
BIT-GUACAMOLE-SERVER-2020-11997
Apache Guacamole 1.2.0 and earlier do not consistently restrict access to connection history based on user visibility. If multiple users share access to the same connection, those users may be able to see which other users have accessed that connection, as well as the IP addresses from which that...
Incorrect Default Permissions in Apache Guacamole
Apache Guacamole 1.2.0 and earlier do not consistently restrict access to connection history based on user visibility. If multiple users share access to the same connection, those users may be able to see which other users have accessed that connection, as well as the IP addresses from which that...
MGASA-2021-0272 Updated guacd packages fix security vulnerabilities
Prior to 1.0.0, Apache Guacamole used a cookie for client-side storage of the user's session token. This cookie lacked the "secure" flag, which could allow an attacker eavesdropping on the network to intercept the user's session token if unencrypted HTTP requests are made to the same domain...
Updated guacd packages fix security vulnerabilities
Prior to 1.0.0, Apache Guacamole used a cookie for client-side storage of the user's session token. This cookie lacked the "secure" flag, which could allow an attacker eavesdropping on the network to intercept the user's session token if unencrypted HTTP requests are made to the same domain...
Apache Guacamole <= 1.2.0 Information Disclosure Vulnerability
Apache Guacamole is prone to an information disclosure vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
CVE-2020-11997
Apache Guacamole 1.2.0 and earlier do not consistently restrict access to connection history based on user visibility. If multiple users share access to the same connection, those users may be able to see which other users have accessed that connection, as well as the IP addresses from which that...
CVE-2020-11997
Apache Guacamole 1.2.0 and earlier do not consistently restrict access to connection history based on user visibility. If multiple users share access to the same connection, those users may be able to see which other users have accessed that connection, as well as the IP addresses from which that...
Insecure Default
Overview Affected versions of this package are vulnerable to Insecure Default. Apache Guacamole 1.2.0 and earlier do not consistently restrict access to connection history based on user visibility. If multiple users share access to the same connection, those users may be able to see which other...
CVE-2020-11997
Apache Guacamole 1.2.0 and earlier do not consistently restrict access to connection history based on user visibility. If multiple users share access to the same connection, those users may be able to see which other users have accessed that connection, as well as the IP addresses from which that...
Session fixation
Apache Guacamole 1.2.0 and earlier do not consistently restrict access to connection history based on user visibility. If multiple users share access to the same connection, those users may be able to see which other users have accessed that connection, as well as the IP addresses from which that...
UBUNTU-CVE-2020-11997
Apache Guacamole 1.2.0 and earlier do not consistently restrict access to connection history based on user visibility. If multiple users share access to the same connection, those users may be able to see which other users have accessed that connection, as well as the IP addresses from which that...
CVE-2020-11997
The CVE-2020-11997 flaw affects Apache Guacamole 1.2.0 and earlier, where access control for connection history is not consistently applied across users sharing a connection. This can let some users see which other users accessed the same connection and the IPs used, even if they should not have ...
CVE-2020-11997
Apache Guacamole 1.2.0 and earlier do not consistently restrict access to connection history based on user visibility. If multiple users share access to the same connection, those users may be able to see which other users have accessed that connection, as well as the IP addresses from which that...
PT-2021-9434 · Apache +1 · Apache Guacamole +1
Name of the Vulnerable Software and Affected Versions: Apache Guacamole versions 1.2.0 and earlier Description: The issue arises from inconsistent access restrictions to connection history based on user visibility. When multiple users share access to the same connection, they may be able to see...